OID entry name in OID container is not random #1

Open
Crypt32 opened this issue Mar 28, 2018 · 2 comments

@Crypt32

Crypt32 commented Mar 28, 2018

You have a function Get-RandomHex that generates random hex for the OID entry name in the OID container. Actually, these OIDs are not truly random; their names depend on the actual OID value and are generated as follows:

OID entry name format: [X.Y]
Where X is the first 16 (up to) characters of the last OID arc. If the last arc length exceeds 16 characters, it is stripped to 16 characters.
Where Y is the MD5 hash calculated over the Unicode OID value string.

This technique is used in order to support O(1) OID lookup instead of enumerating all OID entries in OID container.
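
Added example (not part of the original issue or the project's code): a PowerShell sketch of the [X.Y] derivation described in the comment above, plus a check that an existing entry name matches its OID value. The function names `Get-OidEntryName` and `Test-OidEntryName` are hypothetical, and the example assumes "unicode" means UTF-16LE without a null terminator and that the hash is written as uppercase hex; the OID values are constructed samples.

```powershell
function Get-OidEntryName {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [ValidatePattern('^\d+(\.\d+)+$')]
        [string]$Oid
    )

    # X: the last arc of the OID, cut to at most 16 characters.
    $lastArc = $Oid.Split('.')[-1]
    if ($lastArc.Length -gt 16) { $lastArc = $lastArc.Substring(0, 16) }

    # Y: MD5 over the OID value string.
    # Assumption: "unicode" = UTF-16LE bytes, no trailing null.
    $bytes = [System.Text.Encoding]::Unicode.GetBytes($Oid)
    $md5 = [System.Security.Cryptography.MD5]::Create()
    try {
        $hash = $md5.ComputeHash($bytes)
    }
    finally {
        $md5.Dispose()
    }

    # Assumption: the hash is rendered as uppercase hex.
    $hex = -join ($hash | ForEach-Object { $_.ToString('X2') })

    '{0}.{1}' -f $lastArc, $hex
}

function Test-OidEntryName {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$Oid
    )
    # Compare case-insensitively because the hex case is an assumption.
    $expected = Get-OidEntryName -Oid $Oid
    [string]::Equals($Name, $expected, [System.StringComparison]::OrdinalIgnoreCase)
}

# Constructed sample OID values (not taken from any real environment).
$samples = @(
    '1.3.6.1.4.1.311.21.8.1111111.2222222.3333333.4444444.5555555.6666666.7777777.8888888.999',
    '1.2.3.12345678901234567890'   # last arc longer than 16 characters
)
foreach ($oid in $samples) {
    $name = Get-OidEntryName -Oid $oid
    '{0} -> {1} (self-check: {2})' -f $oid, $name, (Test-OidEntryName -Name $name -Oid $oid)
}
```

Because the name is a pure function of the OID value, the same input always yields the same entry name, which is what makes the direct lookup described above possible.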

@GoateePFE
Owner

Added notes from Twitter thread with Vadims here:
It is an OID part (separated by a dot). An OID is a hierarchical structure and each number has some meaning in a given context.
I'm not sure about public information on OID name generation, I got this from Vic Heller (Windows PKI team) six years ago.

@Crypt32
Author

Crypt32 commented Apr 8, 2018

[Image: untitled]
excerpt from respective conversation.
